Media Wiki Security Concepts: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 1: | Line 1: | ||
=External= | =External= | ||
* https://www.mediawiki.org/wiki/Manual:Security | * https://www.mediawiki.org/wiki/Manual:Security | ||
* https://www.mediawiki.org/wiki/Manual:Preventing_access | * https://www.mediawiki.org/wiki/Manual:Preventing_access | ||
=Internal= | =Internal= | ||
* [[Media Wiki Concepts#Security|MediaWiki Concepts]] | * [[Media Wiki Concepts#Security|MediaWiki Concepts]] | ||
=Overview= | =Overview= | ||
=sysop= | =sysop= | ||
=User Rights Profile= | =User Rights Profile= | ||
| Line 21: | Line 16: | ||
==Private wiki== | ==Private wiki== | ||
A "Private wiki" only allows approved users to view pages, with the same group allowed to edit. A user that does not authenticate is not allowed to access anything on the server. | A "Private wiki" only allows approved users to view pages, with the same group allowed to edit. A user that does not authenticate is not allowed to access anything on the server. | ||
=Reading= | =Reading= | ||
Disable reading by anonymous users: | Disable reading by anonymous users: | ||
<syntaxhighlight lang='php'> | <syntaxhighlight lang='php'> | ||
| Line 30: | Line 23: | ||
To allow anonymous users access to the login page: | To allow anonymous users access to the login page: | ||
<syntaxhighlight lang='php'> | |||
$wgWhitelistRead = array ("Special:Userlogin"); | |||
</syntaxhighlight> | |||
=Editing= | =Editing= | ||
Disable anonymous editing: | Disable anonymous editing: | ||
<syntaxhighlight lang='php'> | |||
$wgGroupPermissions['*']['edit'] = false; | |||
</syntaxhighlight> | |||
=Account Creation= | =Account Creation= | ||
Controlled by LocalSettings.php: | Controlled by <code>[[Media_Wiki_Concepts#LocalSettings.php|LocalSettings.php]]</code>: | ||
<syntaxhighlight lang='php'> | |||
$wgGroupPermissions['*']['createaccount'] = false; | |||
</syntaxhighlight> | |||
This prevents account creation by anyone (logged in or not), except by [[#sysop|sysops]]. | This prevents account creation by anyone (logged in or not), except by [[#sysop|sysops]]. | ||
Revision as of 18:43, 29 December 2023
External
- https://www.mediawiki.org/wiki/Manual:Security
- https://www.mediawiki.org/wiki/Manual:Preventing_access
Internal
Overview
sysop
User Rights Profile
Open wiki
The Open wiki model allows anyone to edit, without even logging in.
Account creation required
A wiki with "Account creation required" provides extra accountability, but may deter casual contributors.
Authorized editors only
The "Authorized editors only" scenario allows approved users to edit, but the public can view the pages, including history.
Private wiki
A "Private wiki" only allows approved users to view pages, with the same group allowed to edit. A user that does not authenticate is not allowed to access anything on the server.
Reading
Disable reading by anonymous users:
$wgGroupPermissions['*']['read'] = false;
To allow anonymous users access to the login page:
$wgWhitelistRead = array ("Special:Userlogin");
Editing
Disable anonymous editing:
$wgGroupPermissions['*']['edit'] = false;
Account Creation
Controlled by LocalSettings.php:
$wgGroupPermissions['*']['createaccount'] = false;
This prevents account creation by anyone (logged in or not), except by sysops.